一、实验拓扑
二、实验要求
1、R6为ISP,接口IP地址均为公有地址,该设备只能配置IP地址,之后不能再对其进行任何配置
2、R1-R5为局域网,私有IP地址192.168.1.0/24,请合理分配
3、R1、R2、R4,各有两个环回IP地址;R5,R6各有一个环回地址;所有路由器上环回均代表连接用户的接口;
4、R3下面的两台PC通过DHCP自动获取IP地址,
5、选路最佳,路由表尽量小,避免环路;
6、R1-R5均可以访问R6的环回;
7、在R1上配置telnet服务,使R6能通过R5的公有地址telnet到R1上;
8、R4与R5正常通过1000M链路,故障时通过100M链路
三、实验思路
1.进行IP地址的合理划分,并进行配置
2.对R3进行DHCP协议的配置,使PC1和PC2可以自动获取IP地址
3.对R1—R5进行静态路由配置,对R1,R2,R4设置空接口防环
4.在R5的出接口处进行NAT配置(写一个基础ACL抓取私网流量,和出接口绑定),同时给R1-R4配置指向外网的静态缺省路由,使得R1到R5的网段均可以访问R6的公网,配置静态缺省,并通过ping测试
5.配置R1 的telnet,使R6能通过R5的公有地址telnet到R1上
6.配置R4和R5之间两条链路的优先级,模拟1000M线路产生故障时,会使用100M线路
四、实验步骤
1.配置IP地址
[R1-GigabitEthernet0/0/0]ip address 192.168.1.1 30
[R1-GigabitEthernet0/0/1]ip address 192.168.1.5 30
[R1-LoopBack0]ip address 192.168.1.33 28
[R1-LoopBack1]ip add 192.168.1.49 28
[R2-GigabitEthernet0/0/0]ip address 192.168.1.2 30
[R2-GigabitEthernet0/0/1]ip address 192.168.1.9 30
[R2-LoopBack0]ip address 192.168.1.65 28
[R2-LoopBack1]ip address 192.168.1.81 28
[R3-GigabitEthernet0/0/0]ip address 192.168.1.6 30
[R3-GigabitEthernet0/0/1]ip address 192.168.1.13 30[R3-GigabitEthernet0/0/2]ip address 192.168.1.97 27
[R4-GigabitEthernet0/0/0]ip address 192.168.1.10 30
[R4-GigabitEthernet0/0/1]ip address 192.168.1.14 30
[R4-GigabitEthernet0/0/2]ip address 192.168.1.17 30
[R4-GigabitEthernet4/0/0]ip address 192.168.1.21 30
[R4-LoopBack0]ip address 192.168.1.129 28
[R4-LoopBack1]ip address 192.168.1.145 28
[R5-GigabitEthernet0/0/0]ip address 192.168.1.18 30
[R5-GigabitEthernet0/0/2]ip address 192.168.1.22 30
[R5-GigabitEthernet0/0/1]ip address 12.0.0.1 24[R5-LoopBack0]ip address 192.168.1.161 27
[R6-GigabitEthernet0/0/0]ip address 12.0.0.2 24[R6-LoopBack0]ip address 1.1.1.1 24
2.对R3进行DHCP配置
[R3]dhcp enable
[R3]ip pool 1[R3-ip-pool-1]network 192.168.1.96 mask 27
[R3-ip-pool-1]gateway-list 192.168.1.97
[R3-ip-pool-1]dns-list 8.8.8.8 114.114.114.114[R3-GigabitEthernet0/0/2]dhcp select global
3.静态路由配置
3.1对R1进行静态路由配置
[R1]ip route-static 192.168.1.64 27 192.168.1.2
[R1]ip route-static 192.168.1.8 30 192.168.1.2
[R1]ip route-static 192.168.1.12 30 192.168.1.6
[R1]ip route-static 192.168.1.96 27 192.168.1.6
[R1]ip route-static 192.168.1.128 27 192.168.1.6
[R1]ip route-static 192.168.1.128 27 192.168.1.2
[R1]ip route-static 192.168.1.16 30 192.168.1.2
[R1]ip route-static 192.168.1.16 30 192.168.1.6
[R1]ip route-static 192.168.1.20 30 192.168.1.6
[R1]ip route-static 192.168.1.20 30 192.168.1.2
[R1]ip route-static 192.168.1.160 27 192.168.1.2
[R1]ip route-static 192.168.1.160 27 192.168.1.6#设置空接口防环
[R1]ip route-static 192.168.1.32 27 NULL 0
3.2对R2进行静态路由配置
[R2]ip route-static 192.168.1.4 30 192.168.1.1
[R2]ip route-static 192.168.1.32 27 192.168.1.1
[R2]ip route-static 192.168.1.96 27 192.168.1.1
[R2]ip route-static 192.168.1.96 27 192.168.1.10
[R2]ip route-static 192.168.1.12 30 192.168.1.10
[R2]ip route-static 192.168.1.128 27 192.168.1.10
[R2]ip route-static 192.168.1.16 30 192.168.1.10
[R2]ip route-static 192.168.1.20 30 192.168.1.10
[R2]ip route-static 192.168.1.160 27 192.168.1.10#设置空接口防环
[R2]ip route-static 192.168.1.64 27 NULL 0
3.3对R3进行静态路由配置
[R3]ip route-static 192.168.1.32 27 192.168.1.5
[R3]ip route-static 192.168.1.0 30 192.168.1.5
[R3]ip route-static 192.168.1.64 27 192.168.1.5
[R3]ip route-static 192.168.1.64 27 192.168.1.14
[R3]ip route-static 192.168.1.128 27 192.168.1.14
[R3]ip route-static 192.168.1.8 30 192.168.1.14
[R3]ip route-static 192.168.1.16 30 192.168.1.14
[R3]ip route-static 192.168.1.20 30 192.168.1.14
[R3]ip route-static 192.168.1.160 27 192.168.1.14
3.4对R4进行静态路由配置
[R4]ip route-static 192.168.1.160 27 192.168.1.18
[R4]ip route-static 192.168.1.160 27 192.168.1.22
[R4]ip route-static 192.168.1.96 27 192.168.1.13
[R4]ip route-static 192.168.1.4 30 192.168.1.13
[R4]ip route-static 192.168.1.32 27 192.168.1.13
[R4]ip route-static 192.168.1.32 27 192.168.1.9
[R4]ip route-static 192.168.1.64 27 192.168.1.9
[R4]ip route-static 192.168.1.0 30 192.168.1.9#设置空接口防环
[R4]ip route-static 192.168.1.128 27 NULL 0
3.5 对R5进行静态路由配置
[R5]ip route-static 192.168.1.128 27 192.168.1.17
[R5]ip route-static 192.168.1.128 27 192.168.1.21
[R5]ip route-static 192.168.1.12 30 192.168.1.17
[R5]ip route-static 192.168.1.12 30 192.168.1.21
[R5]ip route-static 192.168.1.8 30 192.168.1.17
[R5]ip route-static 192.168.1.8 30 192.168.1.21
[R5]ip route-static 192.168.1.96 27 192.168.1.17
[R5]ip route-static 192.168.1.96 27 192.168.1.21
[R5]ip route-static 192.168.1.64 27 192.168.1.17
[R5]ip route-static 192.168.1.64 27 192.168.1.21
[R5]ip route-static 192.168.1.0 30 192.168.1.21
[R5]ip route-static 192.168.1.0 30 192.168.1.17
[R5]ip route-static 192.168.1.4 30 192.168.1.17
[R5]ip route-static 192.168.1.4 30 192.168.1.21
[R5]ip route-static 192.168.1.32 27 192.168.1.17
[R5]ip route-static 192.168.1.32 27 192.168.1.21
4.对R5进行NAT设置
[R5]ip route-static 0.0.0.0 0 12.0.0.2
[R5]acl 2000
[R5-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[R5-acl-basic-2000]int g 0/0/1
[R5-GigabitEthernet0/0/1]nat outbound 2000#对R1-R4设置指向R6方向的静态缺省路由
[R1]ip route-static 0.0.0.0 0 192.168.1.2
[R1]ip route-static 0.0.0.0 0 192.168.1.6[R2]ip route-static 0.0.0.0 0 192.168.1.10
[R3]ip route-static 0.0.0.0 0 192.168.1.14
[R4]ip route-static 0.0.0.0 0 192.168.1.18
[R4]ip route-static 0.0.0.0 0 192.168.1.22
5.对R1进行telnet配置
[R1]aaa
[R1-aaa]local-user zhangsan password cipher 123456
Info: Add a new user.
[R1-aaa]local-user zhangsan service-type telnet
[R1-aaa]local-user zhangsan privilege level 15
[R1]user-interface vty 0 4
[R1-ui-vty0-4]authentication-mode aaa
6.在R5的出接口处设置端口映射,把内网上的远程登录服务发布到公网
[R5-GigabitEthernet0/0/1]nat server protocol tcp global current-interface 23 inside 192.168.1.1 23
Warning:The port 23 is well-known port. If you continue it may cause function fa
ilure.
Are you sure to continue?[Y/N]:y
7.在R6远程登录
8.浮动静态路由配置
8.1对R4的缺省路由进行浮动静态路由配置
[R4]ip route-static 0.0.0.0 0 192.168.1.22 preference 61
8.2 对R5进行配置
ip route-static 192.168.1.128 27 192.168.1.21 preference 61
ip route-static 192.168.1.12 30 192.168.1.21 preference 61
ip route-static 192.168.1.8 30 192.168.1.21 preference 61
ip route-static 192.168.1.96 27 192.168.1.21 preference 61
ip route-static 192.168.1.64 27 192.168.1.21 preference 61ip route-static 192.168.1.0 30 192.168.1.21 preference 61
ip route-static 192.168.1.4 30 192.168.1.21 preference 61
ip route-static 192.168.1.32 27 192.168.1.21 preference 61
242
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
